This section contains some test content encoded and packaged with Microsoft Azure Media Services. You can also easily create your own test content with Azure Media Services. See the online documentation to get started. PlayReady Company Certificates for testing. I was able to use the code in test/certs to generate what seems to be a customer certificate. That option tells it.
The packager needs to include a PlayReady Header in the encrypted content.
For a detailed description of the PlayReady Header and the PlayReady Object, see the PlayReady Header Specification.
The PlayReady Header contains information about the content being played back, including the key identifiers (KIDs) that identify the keys used to encrypt the data, the default license acquisition URL of the PlayReady License Server, and any custom data that you want to include. The key and KID used to encrypt the content must be shared with the PlayReady License Server that will be issuing the licenses for that specific content, typically through a Key Management System (KMS).
Microsoft does not provide a Key Management System with PlayReady.
The following XML code provides an example of a PlayReady Header, which may be inserted in the header of a segmented MP4 file, typically for On-Demand content. It includes the list of KIDs (the IDs of the content encryption keys) that are needed for a client to decrypt the content. It is the most common way to signal these KIDs for an On-Demand file or stream.
The following XML code provides an example of a PlayReady Header for Live Linear content. It does not include any KID because the content encryption keys (and their associated KIDs) will change occasionally (for example, very frequently, or at program boundary, or every hour, or every day). The KIDs used for the content stream will be signalled in the segment headers, and it is not necessary to include any of them in the stream top level PlayReady Header. The property DECRYPTORSETUP is set to ONDEMAND, which means the PlayReady Header and Decryptor will be set on demand, meaning when the client will actually need to start decrypting a segment — and at this point, the client will have access to another PlayReady Header in the segment header to figure out what KID is involved.
DECRYPTORSETUP = ONDEMAND does not mean the content is served On-Demand, it is actually the opposite.
There are multiple ways to create a PlayReady Header generator in your packager. The following sections describe, in general, how you can generate a PlayReady Header.
Method 1 - Build your own code based on the PlayReady Header Specification
The PlayReady Object and Header Specification is public so it is possible, and quite simple, to write code in your appliance or service that generates a PlayReady Object and a PlayReady Header, to package content.
The PlayReady Header generator needs to have input parameters such as:
- On Demand content or Live Linear content.
- KID or list of KIDs that are used to protect the whole asset.
- Encryption type used (AESCTR or AESCBC).
- Defaut LA URL — the default URL of the PlayReady License Server that will be issuing licenses, if known at packaging time.
- Default Domain Service Identifier, if the service is using domains.
You can now create the PlayReady Object and its associated PlayReady Header. The following code sample demonstrates how to create a PlayReady Object that contains a PlayReady Header used for On-Demand content.
Method 2 - Use the PlayReady Server API
If you are a PlayReady Server SDK licensee, the server SDK contains the PlayReadyHeader class that can be used to construct a PlayReady Header. It includes methods you can use and properties you can fill in with the information required for a PlayReady Header.
The PlayReadyHeader class is described in detail in the PlayReady documentation you receive with your PlayReady Server SDK license. The PlayReady Server SDK also includes a sample packager (AESPackaging) that demonstrates how to create a PlayReady Header.
As in Method 1, you will need the KeyID(s) that were generated by the key management system, the encryption type (AESCTR or AESCBC), the URL of the PlayReady license server,and optionally, the domain service identifier.
Method 3 - Use a Windows application
Things you need before you begin.
- You must have the KeyID(s) that were generated by the key management system.
- You must know the encryption type (AESCTR or AESCBC).
- Create the PlayReady header inside the PlayReady object using the Windows 10 PlayReadyContentHeader class.
As in the previous methods, you will need the KeyID(s) that were generated by the key management system, the encryption type (AESCTR or AESCBC), the URL of the PlayReady license server,and optionally the domain service identifier.-->
PlayReady helps secure encrypted content by distributing and controlling the use of content encryption keys over networks and in clients. With this technology, content owners and services distributing high-valued content can monetize their content with full control over their business model.
The packager is an appliance, or a software or a cloud service that takes a piece of video and audio in the clear and protects it with PlayReady and encrypts it. The packager is sometimes also called the encryptor. The packager is frequently integrated in the encoder, but it may be a separate function that runs on the output of the encoder.
Generate A Test Key From Playready 3
Companies developing a standalone packager (or a packaging function in an encoder) utilizing PlayReady technologies need to integrate two functionalities in their product:
One that encrypts content in a PlayReady compatible encryption format.
Another that generates a PlayReady Object (along with its associated PlayReady Header) and inserts it in the encrypted content.
Developing or operating a PlayReady packager can be done without signing any PlayReady licensing agreement with Microsoft, and without paying any fee or royalty to Microsoft for the PlayReady technology.
The following video provides an overall look at packaging PlayReady protected content.
The following video provides a particular look at packaging PlayReady protected content with rotating keys leveraging PlayReady Embedded Licenses.